vijay_admin/sentryagent-idp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0fb00256b468a16072bbb6ce5b981fed39b7f052
sentryagent-idp/sdk-go/credentials_test.go
SentryAgent.ai Developer 91c759f455 feat: Phase 2 Workstream 3 — Go SDK (github.com/sentryagent/idp-sdk-go) 
Single-package agentidp SDK in sdk-go/:
- AgentIdPClient composing AgentRegistryClient, CredentialClient,
  TokenServiceClient, AuditClient — all 14 endpoints covered
- Goroutine-safe TokenManager (sync.Mutex) with 60s refresh buffer
- AgentIdPError implementing error interface with Code/HTTPStatus/Details
- Context-aware: all service methods take context.Context as first arg
- doRequest shared helper; token endpoints use form-encoded POST directly
- go vet: 0 warnings | staticcheck: 0 warnings
- go test ./...: 37/37 passed | coverage: 81.0% (>80% gate)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-28 15:23:02 +00:00

147 lines
4.3 KiB
Go
Raw Blame History

package agentidp
import (
"context"
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
)
var mockCred = Credential{
CredentialID: "cred-1",
ClientID: "uuid-1",
Status: "active",
CreatedAt: "2026-01-01T00:00:00Z",
}
var mockCredWithSecret = CredentialWithSecret{
Credential: mockCred,
ClientSecret: "sk_live_abc",
}
var mockPaginatedCreds = PaginatedCredentials{
Data: []Credential{mockCred},
Total: 1,
Page: 1,
Limit: 20,
}
func TestCredentialClient_GenerateCredential(t *testing.T) {
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost || r.URL.Path != "/api/v1/agents/uuid-1/credentials" {
t.Errorf("unexpected: %s %s", r.Method, r.URL.Path)
}
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(201)
_ = json.NewEncoder(w).Encode(mockCredWithSecret)
}))
defer srv.Close()
client := newCredentialClient(srv.URL, staticToken, &http.Client{})
cred, err := client.GenerateCredential(context.Background(), "uuid-1")
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if cred.ClientSecret != "sk_live_abc" {
t.Errorf("expected sk_live_abc, got %q", cred.ClientSecret)
}
if cred.CredentialID != "cred-1" {
t.Errorf("expected cred-1, got %q", cred.CredentialID)
}
}
func TestCredentialClient_ListCredentials(t *testing.T) {
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet || r.URL.Path != "/api/v1/agents/uuid-1/credentials" {
t.Errorf("unexpected: %s %s", r.Method, r.URL.Path)
}
w.Header().Set("Content-Type", "application/json")
_ = json.NewEncoder(w).Encode(mockPaginatedCreds)
}))
defer srv.Close()
client := newCredentialClient(srv.URL, staticToken, &http.Client{})
result, err := client.ListCredentials(context.Background(), "uuid-1", 0, 0)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if result.Total != 1 {
t.Errorf("expected total 1, got %d", result.Total)
}
}
func TestCredentialClient_RotateCredential(t *testing.T) {
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
expectedPath := "/api/v1/agents/uuid-1/credentials/cred-1/rotate"
if r.Method != http.MethodPost || r.URL.Path != expectedPath {
t.Errorf("unexpected: %s %s", r.Method, r.URL.Path)
}
w.Header().Set("Content-Type", "application/json")
_ = json.NewEncoder(w).Encode(mockCredWithSecret)
}))
defer srv.Close()
client := newCredentialClient(srv.URL, staticToken, &http.Client{})
cred, err := client.RotateCredential(context.Background(), "uuid-1", "cred-1")
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if cred.ClientSecret != "sk_live_abc" {
t.Errorf("expected sk_live_abc, got %q", cred.ClientSecret)
}
}
func TestCredentialClient_RevokeCredential(t *testing.T) {
revokedAt := "2026-01-02T00:00:00Z"
revoked := Credential{
CredentialID: "cred-1",
ClientID: "uuid-1",
Status: "revoked",
CreatedAt: "2026-01-01T00:00:00Z",
RevokedAt: &revokedAt,
}
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodDelete {
t.Errorf("expected DELETE, got %s", r.Method)
}
w.Header().Set("Content-Type", "application/json")
_ = json.NewEncoder(w).Encode(revoked)
}))
defer srv.Close()
client := newCredentialClient(srv.URL, staticToken, &http.Client{})
cred, err := client.RevokeCredential(context.Background(), "uuid-1", "cred-1")
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if cred.Status != "revoked" {
t.Errorf("expected revoked, got %q", cred.Status)
}
}
func TestCredentialClient_Error_Propagated(t *testing.T) {
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(404)
_ = json.NewEncoder(w).Encode(map[string]string{
"code": "AgentNotFoundError",
"message": "Not found.",
})
}))
defer srv.Close()
client := newCredentialClient(srv.URL, staticToken, &http.Client{})
_, err := client.GenerateCredential(context.Background(), "bad-id")
if err == nil {
t.Fatal("expected error, got nil")
}
apiErr, ok := err.(*AgentIdPError)
if !ok {
t.Fatalf("expected *AgentIdPError, got %T", err)
}
if apiErr.HTTPStatus != 404 {
t.Errorf("expected 404, got %d", apiErr.HTTPStatus)
}
}
Reference in New Issue View Git Blame Copy Permalink